Lucene search
+L

829 matches found

cvelist
cvelist
•added 2025/11/25 7:4 p.m.•11 views

CVE-2025-34350 UnForm Server < 10.1.15 Doc Flow Unauthenticated File Read

UnForm Server versions 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. The Doc Flow module uses the 'arc' handler to retrieve and render pages or resources specified by the user-supplied 'pp' parameter, but it does so...

8.7CVSS0.00891EPSS
Exploits0References2
cve
cve
•added 2025/11/25 7:4 p.m.•16 views

CVE-2025-34350

Summary : CVE-2025-34350 affects UnForm Server

8.7CVSS6.1AI score0.00891EPSS
Exploits0References2
vulnrichment
vulnrichment
•added 2025/11/25 7:4 p.m.•3 views

CVE-2025-34350 UnForm Server < 10.1.15 Doc Flow Unauthenticated File Read

UnForm Server versions 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. The Doc Flow module uses the 'arc' handler to retrieve and render pages or resources specified by the user-supplied 'pp' parameter, but it does so...

8.7CVSS6.1AI score0.00891EPSS
Exploits0References2
cnnvd
cnnvd
•added 2025/11/25 12:0 a.m.•6 views

Synergetic Data Systems UnForm Server å®‰å…Øę¼ę“ž

Synergetic Data Systems UnForm Server is a document management and print archiving server software from Synergetic Data Systems, USA. A security vulnerability exists in Synergetic Data Systems UnForm Server versions prior to 10.1.15, which stems from an unauthenticated file read and SMB coercion...

8.7CVSS6.7AI score0.00891EPSS
Exploits0References3
ptsecurity
ptsecurity
•added 2025/11/25 12:0 a.m.•7 views

PT-2025-48076

Name of the Vulnerable Software and Affected Versions UnForm Server versions prior to 10.1.15 Description UnForm Server versions prior to 10.1.15 have an unauthenticated arbitrary file read and SMB coercion issue in the Doc Flow feature’s arc endpoint. The Doc Flow module uses the arc handler to...

8.7CVSS6.8AI score0.00891EPSS
Exploits0References6
ossf
ossf
•added 2025/11/24 10:42 p.m.•8 views

Malicious code in arc-cli-fc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6214b07e01a7c332d90dc0c32f225b76b8a3a8733256c42038ba1a6494a1794 The package arc-cli-fc was found to contain malicious code. Source: ghsa-malware 2b66690547df94d6cac227e7ed304d7408b2344131612b96fd60575122bf7cbe Any...

6.9AI score
Exploits0References4
euvd
euvd
•added 2025/11/24 10:42 p.m.•4 views

EUVD-2025-199191

Malicious code in arc-cli-fc npm...

6.6AI score
Exploits0References1
osv
osv
•added 2025/11/24 10:42 p.m.•3 views

MAL-2025-191064 Malicious code in arc-cli-fc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6214b07e01a7c332d90dc0c32f225b76b8a3a8733256c42038ba1a6494a1794 The package arc-cli-fc was found to contain malicious code. Source: ghsa-malware 2b66690547df94d6cac227e7ed304d7408b2344131612b96fd60575122bf7cbe Any...

6.8AI score
Exploits0References4
snyk
snyk
•added 2025/11/24 4:24 p.m.•4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
redhatcve
redhatcve
•added 2025/11/12 5:7 p.m.•4 views

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS6.5AI score0.00126EPSS
Exploits0References1
nessus
nessus
•added 2025/11/12 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990866 advisory. In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dmamapsingle/dmaunmapsingle The ndev-dev and pdev-dev aren't the sam...

5.5CVSS6.2AI score0.00229EPSS
Exploits0References4
euvd
euvd
•added 2025/11/11 6:30 p.m.•5 views

EUVD-2025-93480

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS6AI score0.00126EPSS
Exploits0References2
nvd
nvd
•added 2025/11/11 5:15 p.m.•7 views

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS0.00126EPSS
Exploits0References1
vulnrichment
vulnrichment
•added 2025/11/11 4:51 p.m.•4 views

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS6.2AI score0.00126EPSS
Exploits0References1
cve
cve
•added 2025/11/11 4:51 p.m.•9 views

CVE-2025-32091

CVE-2025-32091 affects Intel Arc B-series GPUs in Ring 1: Device Drivers. The issue is incorrect default permissions in firmware that may allow local privilege escalation by a system software adversary with privileged user access and low attack complexity, requiring no user interaction. Impacts a...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References1
cvelist
cvelist
•added 2025/11/11 4:51 p.m.•11 views

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

8.4CVSS0.00126EPSS
Exploits0References1
ptsecurity
ptsecurity
•added 2025/11/11 12:0 a.m.•6 views

PT-2025-46429

Name of the Vulnerable Software and Affected Versions Intel Arc B-series GPUs affected versions not specified Description A configuration issue with default permissions in some firmware for Intel Arc B-series GPUs within Ring 1 device drivers may allow an attacker to gain elevated privileges. A...

8.4CVSS6AI score0.00126EPSS
Exploits0References3
intel
intel
•added 2025/11/11 12:0 a.m.•11 views

IntelĀ® Graphics Advisory

Summary: Potential security vulnerabilities for some IntelĀ® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-32091 Description: Incorrect default...

8.4CVSS6.5AI score0.00126EPSS
Exploits0
osv
osv
•added 2025/10/31 11:36 p.m.•16 views

MGASA-2025-0253 Updated transfig packages fix security vulnerabilities

fig2dev stack-overflow. CVE-2025-46397 fig2dev stack-overflow via readobjects. CVE-2025-46398 fig2dev segmentation fault vulnerability. CVE-2025-46399 fig2dev segmentation fault in readarcobject. CVE-2025-46400...

7.8CVSS7AI score0.00269EPSS
Exploits4References3
nessus
nessus
•added 2025/10/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: arcuart: fix ofiomap leak in arcserialprobe Smatch reports: drivers/tty/serial/arcuart.c:631 arcserialprobe warn: 'port-membase' from ofiomap not releas...

6.2AI score0.00197EPSS
Exploits0References3
Rows per page
Query Builder